# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
PortSystem 1.0
name prelude-lml
version 5.2.0
revision 6
categories security
license GPL-2+
maintainers {ctreleaven @ctreleaven} openmaintainer
description Prelude Sensor for analyzing logs and collecting Syslog events
long_description \
Prelude is an Hybrid intrusion detection system framework that relies on the \
IDMEF (Intrusion Detection Message Exchange Format) IETF standard. It enables \
security sensors such as Snort, honeyd, Nessus Vulnerability Scanner, Samhain, \
over 30 types of system logs, and many others to verify an attack \
by performing automatic correlation between events. This port provides the \
\'log monitoring lackey\'
homepage https://www.prelude-siem.org/
master_sites ${homepage}pkg/src/${version}/
checksums rmd160 78c3947a9d50ffa7757374bab3394ccc753dffe5 \
sha256 6d386d02fea12e45e215f038b19572278414ddbc75d7f9d9f2a43171ba5faf5f \
size 1584414
depends_build-append \
port:pkgconfig
depends_lib path:lib/pkgconfig/icu-uc.pc:icu \
path:lib/pkgconfig/gnutls.pc:gnutls \
port:pcre \
port:libprelude
patchfiles dynamic_lookup-11.patch
configure.args --disable-silent-rules \
--mandir=${prefix}/share/man
destroot.keepdirs \
${destroot}${prefix}/var/lib/prelude-lml
post-destroot {
reinplace "s|= /var/log/messages|= /var/log/system.log|g" \
${destroot}${prefix}/etc/prelude-lml/prelude-lml.conf
}
test.run yes
test.target check
# 4 failed tests - appear to relate to stdin not a tty, ie not a problem
notes-append "
Please see ${homepage} for configuration that must be complete before the first run."
startupitem.create yes
startupitem.executable ${prefix}/bin/${name}
livecheck.url ${homepage}projects/prelude/files